Admin user loses some permissions when oauth is set up
General
Escalation
General
Escalation
Description
How to test
None
How to document
None
Activity
Show:
Baptiste Balmon November 20, 2024 at 9:24 AM
Thank you , I will for sure !
Aaditya Dubey November 20, 2024 at 9:15 AM
Hi
When PMM3 beta is released, we want you to test it with PMM3 and share your feedback if you still see the issue.
Baptiste Balmon November 20, 2024 at 9:03 AM
hi thank you for your response.
I’m sorry, what do you want me to test ?
Aaditya Dubey November 18, 2024 at 9:57 AM
Hi
We are marking this ticket as “Incomplete“ until you test and provide feedback.
Hi,
I have recently tried to set up some generic oauth for Percona PMM to allow some users to login via Keycloak in our organization.
Here is the environment file used by the percona pmm podman container to set up this OIDC login :
We are currently using keycloak as the auth provider.
Concerning the podman container, here is the service file :
Running the container works, we can connect through OIDC with users coming from Keycloak and our AD.
But when we activate this generic oauth, the local admin user loses its permissions :
we get some internal server errors
we lose the “inventory” context (we can’t see the clients anymore)
the api keys used by the clients to send datas to PMM don’t work anymore
It meens that we can’t send datas anymore to the PMM server and we can’t configure the PMM server with the admin user anymore.
When we disable the generic oauth, everything is back to normal.
Have you ever experienced it ?
Thank you